﻿using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Data.SqlClient;
using System.Drawing;
using System.Text;
using System.Windows.Forms;
using DevExpress.XtraEditors;

using prjKQXS_DLL;
using prjKQXS_DLL.Dal;
using prjKQXS_DLL.Security;

namespace prjKQXS_UI.Security
{
    public partial class frmChangePass : DevExpress.XtraEditors.XtraForm
    {
        public frmChangePass()
        {
            InitializeComponent();
            txtTendangnhap.Text = BienTc.username;
        }

        private void simpleButton2_Click(object sender, EventArgs e)
        {
            this.Hide();
            this.Dispose();
        }
        private bool validateForm()
        {
            if (txtLaplaiMK.Text.Trim().Length == 0)
            {
                lblError.Text = "* Mật khẩu không được để trống !";
                return false;
            }
            else if (txtMK.Text.Trim().Length == 0)
            {
                lblError.Text = "* Mật khẩu không được để trống !";
                txtMK.Focus();
                return false;
            }            
            else if (!txtMK.Text.Equals(txtLaplaiMK.Text))
            {
                lblError.Text = "* Mật khẩu không trùng nhau !";
                txtLaplaiMK.Focus();
                return false;
            }
            else if (txtLaplaiMK.Text.Trim().Length == 0)
            {
                lblError.Text = "* Mật khẩu cũ không được để trống !";
                txtMKCu.Focus();
                return false;
            }
            else if (isSaiPass)
            {
                lblError.Text = "* Sai password !";
                txtMKCu.Focus();
                return false;
            }
            else
            {
                lblError.Text = "";
                return true;
            }
        }        
        private void simpleButton1_Click(object sender, EventArgs e)
        {
            if (validateForm())
                if(!isSaiPass)
                    if (updatePassword(txtTendangnhap.Text, txtMK.Text) > 0)
                        clsCommon.MsgBox("Thay đổi mật khẩu thành công !", 1);
        }

        private bool isSaiPass = false;
        private void txtMKCu_TextChanged(object sender, EventArgs e)
        {
            if (!checkPassWord(txtTendangnhap.Text, txtMKCu.Text))
            {
                lblError.Text = "* Sai password !";
                isSaiPass = true;
            }
            else
            {
                lblError.Text = "";
                isSaiPass = false;
            }
        }

        private int updatePassword(string username, string password)
        {
            try
            {
                SqlConnection conn = new SqlConnection(BienTc.connString);
                conn.Open();
                SqlCommand comm = new SqlCommand("update tblUser set password=@password where username=@username", conn);
                comm.Parameters.Add("@username", SqlDbType.NVarChar, 20).Value = username;
                comm.Parameters.Add("@password", SqlDbType.NVarChar, 50).Value = clsCommon.Encrypt(password, BienTc.encryptString, true);
                return comm.ExecuteNonQuery();
            }
            catch (Exception)
            {
                throw;
            }
        }

        private bool checkPassWord(string username, string password)
        {
            bool retVal = false;

            try
            {
                SqlConnection conn = new SqlConnection(BienTc.connString);
                conn.Open();
                SqlCommand comm = new SqlCommand("select * from tblUser where username=@username and password=@password", conn);
                comm.Parameters.Add("@username", SqlDbType.NVarChar, 20).Value = username;
                comm.Parameters.Add("@password", SqlDbType.NVarChar, 50).Value = clsCommon.Encrypt(password, BienTc.encryptString, true);
                SqlDataReader dr = comm.ExecuteReader();
                while (dr.Read())
                {
                    retVal = true;
                }
            }
            catch (Exception)
            {
                retVal = false;
                throw;
            }

            return retVal;
        }
    }
}